[Zope-Checkins] SVN: Zope/trunk/ - Add a request method decorator to AccessControl, creating decorators that limit a method to one request method only.

Log message for revision 73386: - Add a request method decorator to AccessControl, creating decorators that limit a method to one request method only. - Protect various security-setting-mutators with a POST-only decorator. Changed: U Zope/trunk/doc/CHANGES.txt U

[Zope-Checkins] SVN: Zope/branches/2.10/ - Backport a postonly decorator from Zope trunk's requestmethod decorator factory.

Log message for revision 73388: - Backport a postonly decorator from Zope trunk's requestmethod decorator factory. - Protect various security-setting-mutators with this decorator. Changed: U Zope/branches/2.10/doc/CHANGES.txt U Zope/branches/2.10/lib/python/AccessControl/Owned.py U

[Zope-Checkins] SVN: Zope/branches/2.9/ - Backport a postonly decorator from Zope trunk's requestmethod decorator factory.

Log message for revision 73389: - Backport a postonly decorator from Zope trunk's requestmethod decorator factory. - Protect various security-setting-mutators with this decorator. Changed: U Zope/branches/2.9/doc/CHANGES.txt U Zope/branches/2.9/lib/python/AccessControl/Owned.py U

[Zope-Checkins] SVN: Zope/branches/Zope-2_8-branch/ - Backport a postonly decorator from Zope trunk's requestmethod decorator factory.

Log message for revision 73390: - Backport a postonly decorator from Zope trunk's requestmethod decorator factory. - Protect various security-setting-mutators with this decorator. Changed: U Zope/branches/Zope-2_8-branch/doc/CHANGES.txt U

[Zope-Checkins] SVN: Zope/hotfixes/ Import POST-only hotfix

/README.txt === --- Zope/hotfixes/README.txt2007-03-20 09:05:56 UTC (rev 73390) +++ Zope/hotfixes/README.txt2007-03-20 09:09:02 UTC (rev 73391) @@ -0,0 +1,62 @@ +Hotfix-20070320 README + +This hotfix corrects a cross-site

[Zope-Checkins] SVN: Zope/hotfixes/ Undo botched import

=== --- Zope/hotfixes/README.txt2007-03-20 09:09:02 UTC (rev 73391) +++ Zope/hotfixes/README.txt2007-03-20 09:10:28 UTC (rev 73392) @@ -1,62 +0,0 @@ -Hotfix-20070320 README - -This hotfix corrects a cross-site scripting vulnerability in Zope2, -where an attacker can use a hidden GET request

[Zope-Checkins] SVN: Zope/hotfixes/Hotfix_20070320/ Undo botched import

73392) +++ Zope/hotfixes/Hotfix_20070320/README.txt2007-03-20 09:11:46 UTC (rev 73393) @@ -0,0 +1,62 @@ +Hotfix-20070320 README + +This hotfix corrects a cross-site scripting vulnerability in Zope2, +where an attacker can use a hidden GET request to leverage a +authenticated user's

[Zope-Checkins] SVN: Zope/trunk/lib/python/AccessControl/requestmethod.py Add backward compatible postonly decorator

Log message for revision 73395: Add backward compatible postonly decorator Changed: U Zope/trunk/lib/python/AccessControl/requestmethod.py -=- Modified: Zope/trunk/lib/python/AccessControl/requestmethod.py === ---

[Zope-Checkins] SVN: Zope/trunk/lib/python/AccessControl/requestmethod.py Add comment about postonly status

Log message for revision 73396: Add comment about postonly status Changed: U Zope/trunk/lib/python/AccessControl/requestmethod.py -=- Modified: Zope/trunk/lib/python/AccessControl/requestmethod.py === ---